New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Not working with github private repo #755

Open
seoker opened this Issue May 8, 2017 · 7 comments

Comments

Projects
None yet
5 participants
@seoker

seoker commented May 8, 2017

pnpm version:

v0.67.0

Code to reproduce the issue:

pnpm i with packages.json like:

"dependencies": {
    "@SOME_ORG/SOME_PRIVATE_REPO": "git+https://{token}:x-oauth-basic@github.com/SOME_ORG/SOME_PRIVATE_REPO.git"
}

Expected behavior:

The private repo gets well installed.

Actual behavior:

WARN Error while trying to resolve https://{token}:x-oauth-basic@github.com/SOME_ORG/SOME_PRIVATE_REPO.git via GitHub API
  ERROR fetch failed with status code 404

Additional information:

  • node -v prints: v7.6.0
  • Windows, OS X, or Linux?: OS X
@vjpr

This comment has been minimized.

Show comment
Hide comment
@vjpr

vjpr May 10, 2017

Contributor

Reproduced.

pnpm i git+https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git --reporter=ndjson --no-lock
{"time":1494450808877,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"warn","name":"pnpm","message":"using --no-lock I sure hope you know what you are doing"}
{"time":1494450809053,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:progress","status":"installing","pkg":{"rawSpec":"git+https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git"}}
{"time":1494450809058,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request uri https://api.github.com/repos/private/repo/commits/HEAD"}
{"time":1494450809059,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request no auth needed"}
{"time":1494450809062,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"info","name":"pnpm:registry","message":"attempt registry request try #1 at 11:13:29 PM"}
{"time":1494450809063,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request id 391683d41a458c0c"}
{"time":1494450809064,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request GET https://api.github.com/repos/private/repo/commits/HEAD"}
{"time":1494450809676,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http 404 https://api.github.com/repos/private/repo/commits/HEAD"}
{"time":1494450809688,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http headers { server: 'GitHub.com',\n  date: 'Wed, 10 May 2017 21:13:30 GMT',\n  'content-type': 'application/json; charset=utf-8',\n  'transfer-encoding': 'chunked',\n  status: '404 Not Found',\n  'x-ratelimit-limit': '60',\n  'x-ratelimit-remaining': '52',\n  'x-ratelimit-reset': '1494453734',\n  'x-github-media-type': 'github.v3; format=json',\n  'access-control-expose-headers': 'ETag, Link, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval',\n  'access-control-allow-origin': '*',\n  'content-security-policy': 'default-src \\'none\\'',\n  'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',\n  'x-content-type-options': 'nosniff',\n  'x-frame-options': 'deny',\n  'x-xss-protection': '1; mode=block',\n  'content-encoding': 'gzip',\n  'x-github-request-id': 'REQUESTID' }"}
{"time":1494450809689,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"warn","name":"pnpm:git-logger","message":"Error while trying to resolve https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git via GitHub API","err":{"pkgid":"repos","statusCode":404,"code":"E404"}}
{"time":1494450810572,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:progress","status":"resolved","pkgId":"github.com/private/repo/HEAD","pkg":{"rawSpec":"git+https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git"}}
{"time":1494450810580,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"info","name":"pnpm:registry","message":"attempt registry request try #1 at 11:13:30 PM"}
{"time":1494450810580,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http fetch GET https://codeload.github.com/private/repo/tar.gz/HEAD"}
{"time":1494450811179,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http fetch 404 https://codeload.github.com/private/repo/tar.gz/HEAD"}
{"time":1494450811182,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"error","name":"pnpm","message":{},"err":{"name":"Error","message":"fetch failed with status code 404","stack":"Error: fetch failed with status code 404\n    at Request.<anonymous> (/Users/Vaughan/nvm/versions/node/v6.5.0/lib/node_modules/pnpm/lib/node_modules/npm-registry-client/lib/fetch.js:58:14)\n    at emitOne (events.js:96:13)\n    at Request.emit (events.js:188:7)\n    at Request.onRequestResponse (/Users/Vaughan/nvm/versions/node/v6.5.0/lib/node_modules/pnpm/lib/node_modules/request/request.js:1074:10)\n    at emitOne (events.js:96:13)\n    at ClientRequest.emit (events.js:188:7)\n    at HTTPParser.parserOnIncomingClient (_http_client.js:472:21)\n    at HTTPParser.parserOnHeadersComplete (_http_common.js:105:23)\n    at TLSSocket.socketOnData (_http_client.js:361:20)\n    at emitOne (events.js:96:13)"}}

Token is simply not being used.

Contributor

vjpr commented May 10, 2017

Reproduced.

pnpm i git+https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git --reporter=ndjson --no-lock
{"time":1494450808877,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"warn","name":"pnpm","message":"using --no-lock I sure hope you know what you are doing"}
{"time":1494450809053,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:progress","status":"installing","pkg":{"rawSpec":"git+https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git"}}
{"time":1494450809058,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request uri https://api.github.com/repos/private/repo/commits/HEAD"}
{"time":1494450809059,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request no auth needed"}
{"time":1494450809062,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"info","name":"pnpm:registry","message":"attempt registry request try #1 at 11:13:29 PM"}
{"time":1494450809063,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request id 391683d41a458c0c"}
{"time":1494450809064,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http request GET https://api.github.com/repos/private/repo/commits/HEAD"}
{"time":1494450809676,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http 404 https://api.github.com/repos/private/repo/commits/HEAD"}
{"time":1494450809688,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http headers { server: 'GitHub.com',\n  date: 'Wed, 10 May 2017 21:13:30 GMT',\n  'content-type': 'application/json; charset=utf-8',\n  'transfer-encoding': 'chunked',\n  status: '404 Not Found',\n  'x-ratelimit-limit': '60',\n  'x-ratelimit-remaining': '52',\n  'x-ratelimit-reset': '1494453734',\n  'x-github-media-type': 'github.v3; format=json',\n  'access-control-expose-headers': 'ETag, Link, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval',\n  'access-control-allow-origin': '*',\n  'content-security-policy': 'default-src \\'none\\'',\n  'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',\n  'x-content-type-options': 'nosniff',\n  'x-frame-options': 'deny',\n  'x-xss-protection': '1; mode=block',\n  'content-encoding': 'gzip',\n  'x-github-request-id': 'REQUESTID' }"}
{"time":1494450809689,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"warn","name":"pnpm:git-logger","message":"Error while trying to resolve https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git via GitHub API","err":{"pkgid":"repos","statusCode":404,"code":"E404"}}
{"time":1494450810572,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:progress","status":"resolved","pkgId":"github.com/private/repo/HEAD","pkg":{"rawSpec":"git+https://MYPRIVATETOKENREMOVED:x-oauth-basic@github.com/private/repo.git"}}
{"time":1494450810580,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"info","name":"pnpm:registry","message":"attempt registry request try #1 at 11:13:30 PM"}
{"time":1494450810580,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http fetch GET https://codeload.github.com/private/repo/tar.gz/HEAD"}
{"time":1494450811179,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"debug","name":"pnpm:registry","message":"http fetch 404 https://codeload.github.com/private/repo/tar.gz/HEAD"}
{"time":1494450811182,"hostname":"Vaughan-MacBook-Pro.local","pid":29163,"level":"error","name":"pnpm","message":{},"err":{"name":"Error","message":"fetch failed with status code 404","stack":"Error: fetch failed with status code 404\n    at Request.<anonymous> (/Users/Vaughan/nvm/versions/node/v6.5.0/lib/node_modules/pnpm/lib/node_modules/npm-registry-client/lib/fetch.js:58:14)\n    at emitOne (events.js:96:13)\n    at Request.emit (events.js:188:7)\n    at Request.onRequestResponse (/Users/Vaughan/nvm/versions/node/v6.5.0/lib/node_modules/pnpm/lib/node_modules/request/request.js:1074:10)\n    at emitOne (events.js:96:13)\n    at ClientRequest.emit (events.js:188:7)\n    at HTTPParser.parserOnIncomingClient (_http_client.js:472:21)\n    at HTTPParser.parserOnHeadersComplete (_http_common.js:105:23)\n    at TLSSocket.socketOnData (_http_client.js:361:20)\n    at emitOne (events.js:96:13)"}}

Token is simply not being used.

@zkochan zkochan added the type: bug label Jun 19, 2017

@zkochan zkochan self-assigned this Jun 21, 2017

@vcfvct

This comment has been minimized.

Show comment
Hide comment
@vcfvct

vcfvct Aug 2, 2017

Looks like i am having
ERROR fetch failed with status code 406 with version 1.10.0

vcfvct commented Aug 2, 2017

Looks like i am having
ERROR fetch failed with status code 406 with version 1.10.0

@zkochan

This comment has been minimized.

Show comment
Hide comment
@zkochan

zkochan Dec 6, 2017

Member

In case someone would like to work on this. It is now a lot easier because the git resolver code was moved to @pnpm/git-resolver and the git fetcher to @pnpm/git-fetcher. I just did not move all the git-related tests there yet

Member

zkochan commented Dec 6, 2017

In case someone would like to work on this. It is now a lot easier because the git resolver code was moved to @pnpm/git-resolver and the git fetcher to @pnpm/git-fetcher. I just did not move all the git-related tests there yet

@huochunpeng

This comment has been minimized.

Show comment
Hide comment
@huochunpeng

huochunpeng Apr 19, 2018

Contributor

I had similar issue on bitbucket private repo.

Failed on

"bcx-ui": "bitbucket:buttonwoodcx/bcx-ui.git#v1.9.5",

Message:

ERROR  Command failed: git ls-remote --refs 
fatal: 'null' does not appear to be a git repository
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

But works on full url

"bcx-ui": "https://bitbucket.org/buttonwoodcx/bcx-ui.git#v1.9.5",

or

"bcx-ui": "git+ssh://git@bitbucket.org/buttonwoodcx/bcx-ui.git#v1.9.5",
Contributor

huochunpeng commented Apr 19, 2018

I had similar issue on bitbucket private repo.

Failed on

"bcx-ui": "bitbucket:buttonwoodcx/bcx-ui.git#v1.9.5",

Message:

ERROR  Command failed: git ls-remote --refs 
fatal: 'null' does not appear to be a git repository
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

But works on full url

"bcx-ui": "https://bitbucket.org/buttonwoodcx/bcx-ui.git#v1.9.5",

or

"bcx-ui": "git+ssh://git@bitbucket.org/buttonwoodcx/bcx-ui.git#v1.9.5",

@zkochan zkochan added the help wanted label Apr 20, 2018

@huochunpeng

This comment has been minimized.

Show comment
Hide comment
@huochunpeng

huochunpeng Jun 28, 2018

Contributor

Hi all, I am working on add support of bitbucket/gitlab (public and private) repos in @pnpm/git-resolver.

I have question on the usability of using OAuth token in dependencies of package.json. The OAuth token has limited lifespan, it will become invalid very soon. It seems to me it should not be put in package.json.

For that reason, I am reluctant to add support of token based full url. But I am not sure about your use case. Let me know your thoughts.

For private repos, as long as you have ssh key probably setup on your github/bitbucket/gitlab account, future git-resolver is going to support private repos in either

  1. shortcut form username/repo, bitbucket:username/repo, gitlab:username/repo#ref
  2. or full git url without using OAuth token
Contributor

huochunpeng commented Jun 28, 2018

Hi all, I am working on add support of bitbucket/gitlab (public and private) repos in @pnpm/git-resolver.

I have question on the usability of using OAuth token in dependencies of package.json. The OAuth token has limited lifespan, it will become invalid very soon. It seems to me it should not be put in package.json.

For that reason, I am reluctant to add support of token based full url. But I am not sure about your use case. Let me know your thoughts.

For private repos, as long as you have ssh key probably setup on your github/bitbucket/gitlab account, future git-resolver is going to support private repos in either

  1. shortcut form username/repo, bitbucket:username/repo, gitlab:username/repo#ref
  2. or full git url without using OAuth token
@zkochan

This comment has been minimized.

Show comment
Hide comment
@zkochan

zkochan Jun 29, 2018

Member

Changes from pnpm/git-resolver#12 published in pnpm v2.10.0.

Member

zkochan commented Jun 29, 2018

Changes from pnpm/git-resolver#12 published in pnpm v2.10.0.

@zkochan

This comment has been minimized.

Show comment
Hide comment
@zkochan

zkochan Aug 25, 2018

Member

I have no private repositories, so I cannot verify that it works.

If someone verified it with the latest pnpm, lets close this issue

Member

zkochan commented Aug 25, 2018

I have no private repositories, so I cannot verify that it works.

If someone verified it with the latest pnpm, lets close this issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment